Our Clients

OTSI – Object Technology Solutions Inc., Client – Ericsson, Inc.

Sr. Security, Compliance and Privacy Engineer

 

Was the senior lead responsible for the successful implementation of risk, compliance, and privacy initiatives for the PCI/DSS and SOC 2 assessments for the year 2020 compliance. Coordinated with QSA and other external auditors and stakeholders to ensure scope and compliance requirements by establishing the baseline requirements through discovery, evidence gathering, storage artifacts, communication identification, compliance requirements, and supporting the external auditors.

 

Sr. Risk, Security, Compliance and Privacy Engineer

 

  • Senior Lead for the successful implementation of risk, compliance, and privacy initiatives for the PCI/DSS and SOC-2 assessments for the year 2020 compliance. Coordinated with QSA and other external auditors and stakeholders to ensure scope and compliance requirements by establishing the baseline requirements through discovery, evidence gathering, storage artifacts, communication identification, compliance requirements, and supporting the external auditors.
  • Was the lead/manager for risk, governance, and compliance initiatives, responsible for achieving team objectives for the mandated enterprise risk and compliance.
  • Was responsible for, designed, and conducted risk management; designed and tracked remediation plans.
  • Was responsible for weekly internal and external implementation program team meetings to ensure that audit requirements and evidence collections were ready and complete for auditing.
  • Implemented PCI/DSS version 3.2.1 both for on-site and virtual assessments in over 5 remote locations due to COVID-19.
  • Was responsible for planning, organizing, directing, and controlling audit initiatives to completion.
  • Instituted the approaches to data management and governance in the company.
  • Was a subject matter expert for security programs/questions from various business units.
  • Successfully performed the assessment and implementation of the year 2020 SOC-2, working mostly with third-party external auditors.
  • Performed security control and assessment using NIST 800-XXX (including NIST-171, NIST 800-53x) control assessment and mappings.
  • Evaluated major components of the company’s security compliance program in alignment with the mandated compliance requirements.
  • ISO 27001/2, ISSA controls assessments, FedRAMP
  • Implemented GDPR as part of risk assessment.
  • Compliance controls implementation for SSAE 18, SOC1/SOC2, ISO 27001/ISO 27002, ISO 27018.
  • Assessed regulatory requirements (GDPR, CCPA, etc.), SOX ITG.

Amtex Systems Inc., Client – Optiv Security, Inc.

 

Sr Cybersecurity Analyst:

 

  • Led the external compliance audits such as Payment Card Industry (PCI), Service Organization Compliance (SOC 2), Health Insurance Portability and Accountability Act (HIPAA).
  • Led the team in security standards formulations and documentation.
  • Analyze shifts in technology and security impacts.
  • Review new products or interconnecting platform’s security requirements and provide analysis.
  • Align security architecture with project design, plans, controls, processes, and procedures.
  • Lead conference calls and present security analysis and goals to project teams.
  • Perform the security compliance review of firewalls and access lists.
  • Senior Risk and Compliance Consultant
  • Assessed over 74 portfolio companies (nationally and internationally) on a variety of regulatory requirements such as ISO 27000, PCI, SOX, GLBA, HIPAA, FISMA, NIST CSF, and NIST 800-53.
  • Assist clients in solving their individual compliance needs and providing clear actionable direction to the customer to improve their security program.
  • Lead and conduct national and international client interviews as part of the discovery process for consulting engagements to assess cybersecurity controls and compliance maturity based on NIST.

Capgemini Energy (Client: Hydro One Networks, Inc. Canada – Contract)

Sr Cybersecurity Consultant:

 

• NIST (CSF) – Cyber Security Maturity framework assessment
• Perform cybersecurity controls assessment to determine and measure the maturity level of the cybersecurity program and the underlying controls, and to highlight areas that may need attention and tightening of controls.
• The primary focus is to ensure that reasonable security controls and measures are in place before clients embark on future tactical or strategic initiatives, especially when moving from the current landscape to any proposed digital transformation program.
• Assess the maturity of cybersecurity controls and analysis using NIST 800-53 version 5 tool
• Assess critical security controls using the Top 20 CIS controls assessment tool
• Strong knowledge of security zones of control for the enterprise
• Strong knowledge of network segmentation scheme and analysis